Commit Graph

1784 Commits

Author SHA1 Message Date
Alexander A. Klimov a9841a9197 Defer: ensure not to throw any exceptions out of a destructor
refs #6989
2019-03-01 14:29:35 +01:00
Michael Friedrich e2df11520e
Merge pull request #6970 from Icinga/bugfix/perfdata-gaps
Improve reload handling for features (metric & queue flush, activation priority)
2019-02-26 15:38:15 +01:00
Alexander A. Klimov bf0c68757f Don't require OS headers to provide SO_REUSEPORT 2019-02-26 11:25:44 +01:00
Michael Friedrich 458f997a18 Replace Copyright header with a short version, part II 2019-02-25 15:09:36 +01:00
Michael Friedrich d14a88235d Replace Copyright header with a short version, part I
CLion -> replace in path
2019-02-25 14:48:22 +01:00
Michael Friedrich ab7a799369 Implement ReloadTimeout constant and wait for enqueued checks on Stop() 2019-02-25 09:03:47 +01:00
Alexander A. Klimov 9558ebc0f4 Secure ApiUser::GetByAuthHeader() against timing attacks 2019-02-22 16:59:36 +01:00
Michael Friedrich 89634c2eb6 Re-add Defer functionality 2019-02-22 15:27:34 +01:00
Michael Friedrich a25e2b1038 Stop object in reversed activation priority order
This stops the checker component first, then notifications, then
features, then config objects, then the API feature and logger(s).

Patch taken from @al2klimov
2019-02-20 12:38:57 +01:00
Michael Friedrich 5da1cbd096 Revert "Respect activation priority also on deactivation"
This reverts commit 8ad1717055.
2019-02-19 14:30:44 +01:00
Michael Friedrich a2f5b7a02c Revert "CheckerComponent#Stop(): wait for all running checks"
This reverts commit 1eaad0637b.
2019-02-19 14:05:00 +01:00
Michael Friedrich d98c0704c4 Debug: Log calls to ConfigObject::Deactivate()
Only available in debug builds.
2019-02-19 13:49:52 +01:00
Michael Friedrich 0467c488e9
Merge pull request #6908 from Icinga/bugfix/perfdata-gaps
Ensure all perfdata to be written
2019-02-11 17:27:44 +01:00
Michael Friedrich 7a865aefd9
Merge pull request #6854 from Icinga/bugfix/unamehelper-inefficient-6452
Make UnameHelper() efficient
2019-02-11 16:57:17 +01:00
Alexander A. Klimov 8ad1717055 Respect activation priority also on deactivation 2019-02-06 11:17:45 +01:00
Michael Friedrich 4339240b46
Merge pull request #6858 from Icinga/feature/string-builder
Make string builder reusable
2019-02-04 16:05:20 +01:00
Michael Friedrich 77572c4424
Merge pull request #6901 from Icinga/bugfix/so_reuseport-6898
TcpSocket#Bind(): also set SO_REUSEPORT
2019-02-04 14:21:20 +01:00
Michael Friedrich b58cb17e4b Fix Convert::ToLong(double val) 2019-01-30 14:47:59 +01:00
Alexander A. Klimov 1eaad0637b CheckerComponent#Stop(): wait for all running checks 2019-01-24 15:09:39 +01:00
Alexander A. Klimov 984f7be030 TcpSocket#Bind(): also set SO_REUSEPORT
refs #6898
2019-01-17 12:13:44 +01:00
Alexander A. Klimov 61860563a6 Make string builder reusable 2018-12-21 12:43:04 +01:00
Alexander A. Klimov 17e86f98a2 Make UnameHelper() efficient
refs #6452
2018-12-20 16:37:04 +01:00
Michael Friedrich bf4ecbed69 Revert "ThreadPool#Stop(): discard non-processed queue items"
This reverts commit 30e6d0f809.

refs #6815
2018-12-06 09:56:49 +01:00
Michael Friedrich 08c1539561
Merge pull request #6815 from Icinga/bugfix/reload-while-api-dos
ThreadPool#Stop(): discard non-processed queue items
2018-12-05 11:11:49 +01:00
Alexander A. Klimov 30e6d0f809 ThreadPool#Stop(): discard non-processed queue items 2018-12-03 16:38:52 +01:00
Michael Friedrich f3cd3eb870 DSL: Implement getenv()
This patch also restores Utility::GetFromEnvironment()
and replaces the hardcoded `getenv()` calls.
2018-11-19 18:11:16 +01:00
Michael Friedrich 90de216cbb
Merge pull request #6479 from Icinga/feature/socketevents-inherit-object-6477
SocketEvents: inherit from Stream
2018-11-12 17:06:37 +01:00
Michael Friedrich 1f5555e1d6 Fix possible double free in StreamLogger::BindStream()
refs #6737
2018-11-08 15:51:58 +01:00
Alexander A. Klimov a2ae01e64b Socket engine: drop life support objects
refs #6477
2018-10-30 13:46:20 +01:00
Alexander A. Klimov 5134ccaf56 Make SocketEventDescriptor#EventInterface a SocketEvents::Ptr
refs #6477
2018-10-30 13:46:20 +01:00
Alexander A. Klimov a9a9469868 SocketEvents: inherit from Stream
refs #6477
2018-10-30 13:46:20 +01:00
Michael Friedrich 5406ce6540 Ensure that API/JSON-RPC messages in the same session are processed and not stalled
This basically drops the "corked" implementation which just stalled the
TLS IO polling after some requests. If you need sort of rate limiting
for these events, use an external TLS proxy which terminates that in front
of Icinga.

fixes #6635
2018-10-29 12:57:24 +01:00
Michael Friedrich 7e1942e8e7
Merge pull request #6718 from Icinga/bugfix/ssl-shutdown
Call SSL_shutdown() at least twice
2018-10-24 11:46:32 +02:00
Michael Friedrich dea5ec614e icinga.com: Update CMakeLists.txt 2018-10-18 09:35:18 +02:00
Michael Friedrich 44c3b83769 icinga.com: Update '*.ti' 2018-10-18 09:30:00 +02:00
Michael Friedrich dab53448bc icinga.com: Update *.{h,c}pp 2018-10-18 09:27:04 +02:00
Michael Friedrich af6c8a1f50 Add missing shutdown/program state dumps for SIGUSR2 reload handler
Credits to @west0rmann finding the issue and providing the initial fix.

fixes #6689
fixes #6592
2018-10-16 12:36:43 +02:00
Michael Friedrich 43a571e013 Don't throw an error when namespace indexers don't find a valid key
Examples:

```
globals["abc"]
globals.def
```

The patch for the Icinga Director unfortunately only solves the
master, and as discussed with @lippserd we need to ensure that
satellites and clients with 2.10 can be restarted without any errors
from deployed configuration.

refs #6509
refs icinga/icingaweb2-module-director#1654
2018-10-11 12:42:56 +02:00
Michael Friedrich 4be9f418a9 Revert "Initialize Socket Event Engine on application startup"
This reverts commit c8dcd1297f.

We cannot do this during application startup, since Daemonize()
kills the threads again.

refs #6514
refs #6630
2018-10-09 19:38:29 +02:00
Michael Friedrich 96c0de9bea Allow to override MaxConcurrentChecks constant 2018-09-27 20:23:00 +02:00
Michael Friedrich c8dcd1297f Initialize Socket Event Engine on application startup
Previously this happened inside the TlsStream constructor
during the first connection attempt.
2018-09-24 15:50:59 +02:00
Michael Friedrich 3038b150a9
Merge pull request #6616 from Icinga/feature/tls-handshake-timeout-config
Add ApiListener#tls_handshake_timeout option
2018-09-17 11:20:12 +02:00
Michael Friedrich b81ac972b9 Silence compiler warning for nice() 2018-09-14 14:29:52 +02:00
Michael Friedrich 29701b4db5 Add ApiListener#tls_handshake_timeout option
This allows to specify the previously hardcoded
timeout of 10s.

refs #6517
2018-09-14 09:20:09 +02:00
Michael Friedrich f297881e23 Call SSL_shutdown() at least twice 2018-09-10 16:10:16 +02:00
Michael Friedrich 1c2a59bf63
Merge pull request #6591 from Icinga/bugfix/lto-builds-static-initialize-namespaces
Fix static initializer priority for namespaces in LTO builds
2018-09-04 16:54:30 +02:00
Michael Friedrich 19993df380 Fix static initializer priority for namespaces in LTO builds
fixes #6575
2018-09-04 16:36:22 +02:00
Jean Flach 72cc41d14e
Merge pull request #6356 from sourcejedi/fix/systemd
Fix logging under systemd
2018-09-04 15:24:43 +02:00
Michael Friedrich bc844aca06 Fix non-unity builds on CentOS 7 with std::shared_ptr
refs #6509
2018-09-03 15:32:28 +02:00
Alan Jenkins a0fb0bbfe3 fix "Console" log to flush
It's called "Console", which would be line-buffered anyway.  But, it's
implemented as std::cout.  This might be piped to a logger, as in
daemontools or systemd.  In this case it will not be a TTY, and log lines
should be flushed without too much delay.  Let's just flush each message.

Let's not introduce a static instance of StreamLogger (flushed by interval
timer).  That's too stressful to read, because static instances are really
annoying to order.  Example citation: "Yay, our static destructors are
pretty much beyond repair at this point." -- application.cpp.

I don't know if there will be any need to optimize logging syscalls.  The
init script uses `--daemonize`.  I think the systemd service should also
avoid using the "Console" log after startup (see next commit).  The
documentation does not warn that the syslog feature is less efficient
in system calls than mainlog; deferred flusing does not seem to be a highly
prominent feature.  There's no cool comment in the code about how much the
syscalls were slowing down some use case (or qualifying that this
optimization can only eliminate syscalls on platforms with both mutexes and
clocks that can work without syscalls).
2018-08-25 09:54:55 +01:00
Gunnar Beutner e678fa1aa5 Refactor Application::*Const() 2018-08-13 15:27:05 +02:00
Gunnar Beutner 1a0311a49f Implement namespace support for the keys() function 2018-08-13 13:44:31 +02:00
Gunnar Beutner 8fda8d72ac Implement support for the namespace and using keywords 2018-08-13 13:44:31 +02:00
Gunnar Beutner 10d6f70a85 Move constants and functions into different namespaces 2018-08-13 13:44:31 +02:00
Gunnar Beutner 1a8692d972 Implement support for namespaces 2018-08-13 13:44:31 +02:00
Gunnar Beutner 9d513d8f05 Implement support for modifying frozen attributes 2018-08-13 13:44:31 +02:00
Gunnar Beutner d9c0b6f806 Refactor REGISTER_SCRIPTFUNCTION_* macros 2018-08-13 13:44:31 +02:00
Michael Friedrich 97513965e6 Introduce IcingaApplication#environment
Precedence as follows:

- DEnvironment=...
- const Environment = ...
- object IcingaApplication "app" { environment = "..." }

The wrapped script constant handling is required
since we cannot directly link from libremote (SNI handling)
to libicinga where the object resides. Instead we'll
use the Application class helpers for hiding the ScriptGlobal
calls.
2018-08-10 12:49:48 +02:00
Markus Frosch 20269a89d0 ApiListener: Add support for dynamic port handling 2018-08-08 17:42:57 +02:00
Michael Friedrich 9be3ee1a1a Update output for `--version`
This moves the system and build information before
the application paths which are normally not that important.
2018-08-07 18:46:18 +02:00
Markus Frosch 9fbc40615a Improve path handling in cmake and daemon 2018-08-07 14:10:26 +02:00
Michael Friedrich 8bac1dc99e
Merge pull request #6521 from gunnarbeutner/feature/references
Implement references
2018-08-07 12:00:19 +02:00
Gunnar Beutner 24de1963b1
Merge pull request #6526 from Icinga/bugfix/wpessimizing-move-6524
icinga::PackObject(): shorten conversion to string
2018-08-07 10:05:18 +02:00
Alexander A. Klimov 137f5363c4 icinga::PackObject(): shorten conversion to string
refs #6524
2018-08-07 09:57:08 +02:00
Gunnar Beutner 8bfd419702 Implement references 2018-08-07 07:44:48 +02:00
Michael Friedrich 33492420f3
Merge pull request #6427 from gunnarbeutner/fix/recursive-serialize
Improve error message for serializing objects with recursive references
2018-08-03 11:03:42 +02:00
Gunnar Beutner 56cf64f590 Improve error message for serializing objects with recursive references 2018-08-02 11:06:24 +02:00
Jean Flach 065bc23d9a
Merge pull request #6508 from gunnarbeutner/feature/dictionary-clear
Implement the Dictionary#clear script function
2018-08-02 10:30:08 +02:00
Gunnar Beutner a5a0119799 Implement the Dictionary#clear script function 2018-08-02 08:45:19 +02:00
Jean Flach 2e3a1ff0c6
Merge pull request #6498 from Icinga/bugfix/match-regex-match-any-regression
Fix regression with MatchAny false conditions on match/regex/cidr_match
2018-07-27 17:28:13 +02:00
Michael Friedrich 72c0f07661 Fix regression with MatchAny false conditions on match/regex/cidr_match
fixes #6496
2018-07-27 16:55:37 +02:00
Michael Friedrich 8e682ce9b1 Improve error logging for match/regex/cidr_match functions and unsupported dictionary usage
fixes #6442
2018-07-27 16:34:50 +02:00
Alexander A. Klimov dd8cb42969 Implement object packer for consistent hashing 2018-07-26 17:36:48 +02:00
Michael Friedrich 020bd86b4c
Merge pull request #6408 from Icinga/bugfix/objectlock-unlock-m_lockowner
ObjectLock#Unlock(): don't reset m_Object->m_LockOwner too early
2018-07-26 10:02:26 +02:00
Michael Friedrich fcc32957cb
Merge pull request #6455 from Icinga/feature/filelogger-started
Log something when the Filelogger has been started
2018-07-26 10:01:06 +02:00
Michael Friedrich 62e91e1891
Merge pull request #6430 from Icinga/fix/workqueue-log-message
Fix negative 'empty in' value in WorkQueue log message
2018-07-26 09:59:53 +02:00
Michael Friedrich b1adad0a42
Merge pull request #6456 from Icinga/feature/logger-flush-dev
Keep notes for immediately log flushing
2018-07-26 09:58:59 +02:00
Michael Friedrich 14d88d90a0
Merge pull request #6470 from sebastic/spelling-errors
Fix spelling errors.
2018-07-23 17:59:45 +02:00
Bas Couwenberg 0891380789 Fix spelling errors.
* occured -> occurred
 * dosen't -> doesn't
2018-07-21 10:38:09 +02:00
Alexander A. Klimov f71bad96d5 Start and stop the timer thread lazily
refs #6461
2018-07-20 15:36:15 +02:00
Michael Friedrich 7519d23892 Add debug logging for daemonize/timers
The previous commit is 1:1 the same I've implemented
here already. Great teamwork with Alex :)

refs #6445
2018-07-19 13:34:12 +02:00
Alexander A. Klimov d15e1006f3 Re-introduce Timer::Initialize()
refs #6445
2018-07-19 13:22:37 +02:00
Michael Friedrich fd381ff5e0 Keep notes for immediately log flushing
Disabled, but kept for future debugging sessions.
Helps with things like #6455
2018-07-19 12:51:30 +02:00
Michael Friedrich 7c2e999f1f Log something when the Filelogger has been started
Helps to see whether the logger object is active,
spotted during #6445
2018-07-19 12:48:29 +02:00
Michael Insel 4170bd5205 Fix negative 'empty in' value in WorkQueue log message
This fixes a negative 'empty in' value in WorkQueue log messages.
2018-07-10 19:21:04 +02:00
Alexander A. Klimov 02645c59ff ObjectLock#Unlock(): don't reset m_Object->m_LockOwner too early 2018-06-22 14:13:09 +02:00
Michael Friedrich ba680dc829
Merge pull request #6405 from Icinga/bugfix/windows-reload-behaviour-6378
TcpSocket#Bind(): reuse socket addresses on Windows, too
2018-06-22 12:25:28 +02:00
Alexander A. Klimov 79878ea286 TcpSocket#Bind(): reuse socket addresses on Windows, too
refs #6378
2018-06-22 10:33:31 +02:00
Michael Friedrich 257ad12646 Use SSL_pending() for remaining TLS stream data
We've used this previously, and according to the OpenSSL
docs we should just use it. From our experience everything
done different to the API functions from OpenSSL causes
undefined behaviour in the worst case.

This commit also breaks the packet size limit into a more
readable version, including logs for development debug builds.

refs #6242
2018-06-21 15:58:05 +02:00
Michael Friedrich cc294e14d2
Merge pull request #6393 from Icinga/bugfix/elasticsearchwriter-not-writing-6354
Stream#ReadLine(): fix false positive buffer underflow indicator
2018-06-21 15:06:21 +02:00
Alexander A. Klimov 1c213877a4 Stream#ReadLine(): simplify algorithm
refs #6354
2018-06-20 17:28:52 +02:00
Alexander A. Klimov 3c7851107c TlsStream#IsEof(): fix false positive EOF indicator
refs #6242
2018-06-20 16:55:33 +02:00
Alexander A. Klimov 02d1f1cc57 Stream#ReadLine(): fix false positive buffer underflow indicator
refs #6354
2018-06-20 09:59:18 +02:00
Michael Friedrich cfd6c79a03
Merge pull request #6387 from Icinga/fix/remove-broken-api-user-hash
Remove ApiUser password_hash functionality
2018-06-19 14:26:32 +02:00
Michael Friedrich 2fd6709952 Remove ApiUser password_hash functionality
This affects and fixes

- Windows reload
- Config validation
- RHEL 7.5 OpenSSL memory corruption
- Hash algorithm, requested changes

refs #6378
refs #6279
refs #6278
2018-06-19 11:32:03 +02:00
Michael Friedrich 9b99c9d106 Remove leftover for sysconfig file parsing
refs #6255
2018-06-18 19:25:48 +02:00
Jean Flach 9a5d464448 Revert "Fix Windows reload"
This reverts commit 691e3cfd57.
2018-06-12 12:19:16 +02:00
Michael Friedrich bf0737ded5
Merge pull request #6328 from Icinga/sysconfig-env
Rework sysconfig file/startup environment
2018-06-05 13:27:36 +02:00
Jean Flach ed4e008e79 Rework sysconfig file
The sysconfig file now only contains the defaults as comments, changes
made there are given to the init.d script, prepare-dirs, safe-reload and
Icinga 2 itself. If nothing is set in the sysconfig file (as is the
default as all lines are commented out) the defaults are used.

fixes #6255
2018-05-23 15:18:42 +02:00
Jean Flach 08a14cd136 Ensure that password hash generation from OpenSSL is atomic
This is supposed to solve a problem with segfaults caused by
race conditions withing the random byte generation of OpenSSL.

fixes #6279
2018-05-23 10:55:14 +02:00
Michael Friedrich 6660a45c41 Implement Array::Unique() and add unit tests
refs #4732
2018-05-09 17:25:55 +02:00
Jean Flach c54e042942 Add activation priorities for config object types
This patch ensures that specific configuration types
are pre-activated and post-activated. In general,
logging is first, then common configuration objects
like host/service, downtimes, etc.
In the end, all features are activated after to ensure
that notifications are only sent once downtimes are applied.
A similar thing happens for starting with checks too early.
The ApiListener feature runs first to allow cluster connections
at first glance.

fixes #6057
fixes #6231
2018-05-04 11:25:47 +02:00
Jean Flach 88dc230294
Merge pull request #6285 from Icinga/feature/config-validation-timestamps
Add support for config validation log timestamps
2018-05-03 14:22:39 +02:00
Michael Friedrich e606a443b7 Add support for config validation log timestamps
This also adds implicit support for the startup.log
generated from API config package validation, e.g. used by
the Icinga Director.

fixes #3455
2018-05-03 11:35:29 +02:00
Michael Friedrich 1102f60b43 Revert "Implement support for ECC certificates"
This reverts commit 10691db5b1.

refs #5555
refs #6200
2018-05-02 16:54:07 +02:00
Jean Flach 0b1d5013ac Revert "fixup set rlimit stack failed condition"
This reverts commit bf959371c4.

fixes #6257
2018-04-25 14:26:40 +02:00
Jean Flach 2c8dfcc1aa Fix typo 2018-04-23 10:18:31 +02:00
Michael Friedrich e6f214fa29 Log warning when sysconfig file cannot be read
refs #6215
2018-04-19 10:09:09 +02:00
Jean Flach 8b0126411b Add improved error messages for resource limits
refs #6215
2018-04-19 08:55:05 +02:00
Jan Beich 106be295eb Explicitly use long with boost::posix_time
In file included from lib/base/base_unity.cpp:61:
lib/base/timer.cpp:295:31: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                        l_TimerCV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
                                                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/remote/remote_unity.cpp:19:
lib/remote/eventqueue.cpp:111:30: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                if (!m_CV.timed_wait(lock, boost::posix_time::milliseconds(timeout * 1000)))
                                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/checker/checker_unity.cpp:1:
lib/checker/checkercomponent.cpp:128:26: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                        m_CV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
                                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit copy constructor) not viable: no known conversion from 'double' to 'const boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
  class BOOST_SYMBOL_VISIBLE subsecond_duration : public base_duration
                             ^
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit move constructor) not viable: no known conversion from 'double' to 'boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
/usr/local/include/boost/date_time/time_duration.hpp:286:59: note: candidate template ignored: disabled by 'enable_if' [with T = double]
                                typename boost::enable_if<boost::is_integral<T>, void>::type* = 0) :
                                                          ^
2018-04-15 04:06:11 +00:00
Michael Friedrich da9b3991aa
Merge pull request #6163 from Icinga/fix/handle-restart
Fix reload handling by updating the PID file before process overtake
2018-04-03 17:18:29 +02:00
Jean Flach 92f7242db1
Merge pull request #6119 from tclh123/dev
fixup set rlimit stack failed condition
2018-03-21 09:56:47 +01:00
Jean Flach a742e64e4d Fix reload handling
Make sure we have written the new PID before letting it take over.
2018-03-14 10:43:59 +01:00
Gunnar Beutner 9cd5298d8b Ensure that SetCorked() works properly 2018-03-06 09:03:35 +01:00
Gunnar Beutner b172a67867 Fix incorrect argument type for JsonRpc::SendMessage 2018-03-06 08:58:19 +01:00
Jean Flach 1bdd14b428 Limit anonymous connections to 25 2018-03-05 13:22:43 +01:00
Noah Hilverling 54ff60cd8c Limit JSON-RPC message size 2018-03-05 10:29:05 +01:00
Gunnar Beutner a3bf8cd26e
Merge pull request #6133 from Icinga/fix/cork-socket
Limit the number of HTTP/JSON-RPC requests we read in parallel
2018-02-28 12:48:06 +01:00
Gunnar Beutner a9fb714578
Merge pull request #6116 from Icinga/fix/windows-service-restart
Fix Windows reload
2018-02-28 12:23:53 +01:00
Jean Flach d0cf7c654e Use cork in tlsstream and HTTP connection 2018-02-28 11:40:58 +01:00
Jean Flach 7d103aaf1b Add cork 2018-02-28 11:40:58 +01:00
Jean Flach 01c7f20170 Require systemd headers
Only mandatory if using systemd
2018-02-27 15:54:58 +01:00
lihan cc24ae217e fixup set rlimit stack failed condition 2018-02-27 12:56:36 +08:00
Gunnar Beutner ef488a3ebc Replace boost::algorithm::split calls with String::Split 2018-02-26 08:27:18 +01:00
Jean Flach 691e3cfd57 Fix Windows reload 2018-02-23 17:01:46 +01:00
Jean Flach 6bb2ed4258 Merge branch 'feature/security-features' 2018-02-21 16:19:54 +01:00
Jean Flach 184580f705
Merge pull request #6103 from Icinga/fix/http-security-fixes
HTTP Security fixes
2018-02-21 15:04:02 +01:00
Jean Flach 85f45d9b94 Minor codestyle and doc changes 2018-02-21 14:52:44 +01:00
Jean Flach eda9bce8cb
Merge pull request #6104 from Icinga/fix/nullptr-deref
Fix nullptr dereferences
2018-02-21 13:56:09 +01:00
Jean Flach a71ab1e126 Rename macro RequireNotNull to REQUIRE_NOT_NULL 2018-02-21 13:47:46 +01:00
Noah Hilverling 6bebdf8a87 Add marco RequireNotNull
This is used to fix a number of possible nullptr dereferences
2018-02-21 13:47:46 +01:00
Jean Flach c8c193a9d8 Remove need for RunAsUser/Group
They are now read form the sysconfig file which is owned by root
2018-02-20 14:16:43 +01:00
Jean Flach 8ffa4f04a7 Add timeout for TLS handshakes 2018-02-20 13:32:04 +01:00
Jean Flach 0a0795f09d Code style 2018-02-16 11:47:13 +01:00
Jean Flach 65a806f5dc Move new password functions into tlsutility 2018-02-15 13:09:22 +01:00
Jean Flach 92e2faaa08 Hash API password and comparison
fixes #4920
2018-02-15 13:09:22 +01:00
Noah Hilverling e1e06ce767
Merge pull request #5988 from Icinga/fix/concurrent-checks-limit-cluster
Fix concurrent checks limit while using command_endpoint
2018-02-06 14:13:49 +01:00
Gunnar Beutner e361b3c427 Implement support for frozen arrays and dictionaries 2018-01-30 12:22:04 +01:00
Noah Hilverling 97bd91dda2 Replace concurrent_checks in CheckerComponent by global MaxConcurrentChecks
refs #4841
2018-01-29 14:50:24 +01:00
Jean Flach 51d5a3e457 Fix missing include 2018-01-26 14:38:55 +01:00
Jean Flach cc73eed2af
Merge pull request #5992 from Icinga/feature/remove-includes
Remove unused includes
2018-01-25 09:13:02 +01:00
Gunnar Beutner 0cc9af6bee Remove duplicate semicolons 2018-01-24 12:07:52 +01:00
Gunnar Beutner 94e6be1a65 Remove unused includes 2018-01-22 09:52:29 +01:00
Jean Flach c418a9611e Add systemd watchdog and adjust reload behaviour 2018-01-19 16:52:36 +01:00
Jean Flach 1da6b2c883 Fix whitespaces in CMakeLists files
Uses 2 space indentation as standard
2018-01-19 09:19:40 +01:00
Gunnar Beutner 7702cb056a
Merge pull request #6009 from Icinga/fix/build-fix-gcc
Build fix for ancient versions of GCC
2018-01-18 15:29:50 +01:00
Jean Flach 37e890f513
Merge pull request #6008 from Icinga/fix/cmake-3-0-compat
Fix compatibility with CMake < 3.1
2018-01-18 15:26:10 +01:00
Gunnar Beutner 9d436605f0 Fix compatibility with CMake < 3.1 2018-01-18 15:12:46 +01:00
Gunnar Beutner aa76ddf7f2 Build fix for ancient versions of GCC 2018-01-18 15:12:14 +01:00
Jean Flach f9b378edc6 Fix missing include
fixes #6001
2018-01-18 10:54:49 +01:00
Gunnar Beutner 2a9dceb367 Use CMake object libraries for our libs 2018-01-17 04:28:21 +01:00
Gunnar Beutner c2fb9fe226 Use initializer lists for arrays and dictionaries 2018-01-16 12:27:44 +01:00
Michael Friedrich 01aee7954e
Merge pull request #5969 from Icinga/feature/wq-stats-mutex
Remove the WorkQueue::m_StatsMutex instance variable
2018-01-11 13:38:40 +01:00
Michael Friedrich de5f2b01c4
Merge pull request #5968 from Icinga/feature/ringbuffer-mutex
Update the RingBuffer class to use a regular mutex instead of ObjectLock
2018-01-11 13:37:35 +01:00
Michael Friedrich 47bc4e6b5c
Merge pull request #5967 from Icinga/feature/lazy-accessors
Avoid accessing attributes for validators where not necessary
2018-01-11 13:36:29 +01:00
Gunnar Beutner e8876f3b22 Remove the WorkQueue::m_StatsMutex instance variable 2018-01-11 10:48:19 +01:00
Gunnar Beutner ddf09263af Update the RingBuffer class to use a regular mutex instead of ObjectLock 2018-01-11 10:40:19 +01:00
Gunnar Beutner 21254fb610 Avoid accessing attributes for validators where not necessary 2018-01-11 08:20:16 +01:00
Gunnar Beutner 0b03ab854e Avoid unnecessary casts in the JSON encoder 2018-01-11 07:31:08 +01:00
Gunnar Beutner 0c2fd8e1d8
Merge pull request #5957 from mcktr/fix/year-2017-reference
Change a bunch more copyright headers for 2018
2018-01-09 04:58:25 +01:00
Michael Insel 6eccdff621 Change a bunch more copyright headers for 2018
This changes more copyright headers for 2018.
2018-01-08 18:05:12 +01:00
Gunnar Beutner d9010c7b9f Avoid mutex contention in the config parser 2018-01-08 15:59:55 +01:00
Gunnar Beutner 71ee5ac698 Build fix 2018-01-04 12:33:51 +01:00
Gunnar Beutner f05459b40c Move inline functions to their .cpp files 2018-01-04 12:24:58 +01:00
Gunnar Beutner 91c256261a Apply clang-tidy fix 'modernize-use-default-member-init' 2018-01-04 12:24:58 +01:00
Gunnar Beutner e0174b8f3f Apply clang-tidy fix 'modernize-return-braced-init-list' 2018-01-04 12:24:57 +01:00
Gunnar Beutner e0c350b8a5 Apply clang-tidy fix 'modernize-use-nullptr' 2018-01-04 12:24:57 +01:00
Gunnar Beutner becfa85094 Apply clang-tidy fix 'modernize-use-emplace' 2018-01-04 12:24:57 +01:00
Gunnar Beutner e3ad0be769 Apply clang-tidy fix 'modernize-use-auto' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 621eed3f13 Apply clang-tidy fix 'modernize-pass-by-value' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 6da7d48d25 Apply clang-tidy fix 'modernize-loop-convert' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 9ca682496c Apply clang-tidy fix 'modernize-use-override' 2018-01-04 12:24:57 +01:00
Gunnar Beutner ac155d1dda Apply clang-tidy fix 'modernize-redundant-void-arg' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 41f0fbfd30 Add the final keyword to methods 2018-01-04 05:45:40 +00:00
Gunnar Beutner efe99a3e5e Add the final keyword to classes 2018-01-04 05:20:20 +00:00
Gunnar Beutner 6a1ac6a902 Fix incorrect ::Start call 2018-01-03 18:57:01 +01:00
Michael Friedrich cd33b8b508
Merge pull request #5936 from Icinga/feature/source-lists
Clean up source lists in the CMakeLists.txt files
2018-01-03 11:59:35 +01:00
Gunnar Beutner 75e2473616 Clean up source lists in the CMakeLists.txt files 2018-01-03 11:47:46 +01:00
Michael Friedrich 0e6f4b1966
Merge pull request #5939 from Icinga/fix/build-fix-wheezy
Build fix for Debian wheezy
2018-01-03 11:28:57 +01:00
Gunnar Beutner fe8572d75b Remove inline methods and use explicit template instantiation to minimize the number of weak symbols 2018-01-03 11:04:58 +01:00
Gunnar Beutner abe3f8a959 Build fix for Debian wheezy 2018-01-03 10:32:33 +01:00
Gunnar Beutner 2f953d6204 Implement shim for libmysqlclient and libpq 2018-01-02 23:29:48 +01:00
Gunnar Beutner 90496b5456 Build libraries as static libraries 2018-01-02 23:29:48 +01:00
Michael Friedrich f843f92ee3
Merge pull request #5928 from Icinga/fix/build-fix-msvc
Fix build problem with MSVC
2018-01-02 14:01:15 +01:00
Michael Friedrich e08da4267b
Merge pull request #5930 from Icinga/feature/boost-function
Replace boost::function with std::function
2018-01-02 13:46:23 +01:00
Michael Insel 158ae2188e Change copyright header for 2018 2018-01-02 12:08:55 +01:00
Gunnar Beutner dac71b3960 Replace boost::function with std::function 2018-01-02 08:55:50 +01:00
Gunnar Beutner 6737a0fa8f Make MSVC happy 2018-01-01 09:24:28 +01:00
Jean Flach 2636e6a77a Whitespace fix
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'
* Removal of training whitespaces
* A few lines longer than 120 chars
2017-12-20 14:53:52 +01:00
Jean Flach f40f366e9e Remove unnecessary inline statements
fixes #5886
2017-12-20 13:22:38 +01:00
Jean Flach 6d9a0fe3a9 Remove string_iless
It's unused
2017-12-20 11:18:28 +01:00
Gunnar Beutner 02dc3a9507 Workaround for GCC bug 61321 2017-12-20 08:02:17 +01:00
Gunnar Beutner 4866f777cc Avoid unnecessary allocations for script frames 2017-12-18 13:40:29 +01:00
Gunnar Beutner 80b72cfb1c Avoid allocations in ScriptUtils::Match 2017-12-18 13:40:21 +01:00
Michael Friedrich 20d7221dfe
Merge pull request #5865 from Icinga/fix/uuid
Add missing initializer in Utility::NewUniqueID()
2017-12-15 09:08:26 +01:00
Gunnar Beutner 85f3865718
Merge pull request #5861 from Icinga/fix/invalid-memory-access
Fix incorrect memory access
2017-12-15 06:25:10 +01:00
Gunnar Beutner 3403844b74
Merge pull request #5863 from Icinga/fix/glob-5859
Fix glob error handling
2017-12-14 19:08:54 +01:00
Gunnar Beutner a6887b1ae9 Add missing initializer in Utility::NewUniqueID() 2017-12-14 19:07:14 +01:00
Jean Flach e45ede6271 Fix glob error handling
fixes #5859
2017-12-14 17:04:35 +01:00
Gunnar Beutner 1ad83886ac Replace a few more NULLs with nullptr 2017-12-14 15:37:20 +01:00
Gunnar Beutner 0629ea0a98 Fix incorrect memory access 2017-12-14 15:05:04 +01:00
Gunnar Beutner 1bf12c9685
Merge pull request #5857 from Icinga/fix/compiler-warnings
Fix compiler warnings
2017-12-14 13:49:25 +01:00
Gunnar Beutner 3c5af89d5f Fix compiler warnings 2017-12-14 09:15:37 +01:00
Gunnar Beutner ff0b6ba630 Fix build problems with Visual Studio 2017 2017-12-14 08:55:36 +01:00
Gunnar Beutner 42744fde5b Remove extraneous whitespace 2017-12-14 08:50:09 +01:00
Gunnar Beutner 96e214221d Remove unused variables 2017-12-14 08:50:09 +01:00
Gunnar Beutner 75def4b074
Merge pull request #5753 from Icinga/fix/ringbuffer-does-not-get-updated-if-nothing-is-written-5750
Fix that RingBuffer does not get updated and add metrics about communication between endpoints
2017-12-12 11:32:18 +01:00
Noah Hilverling 5519626f84 Add metrics about communication between endpoints
refs #5509
2017-12-11 10:20:25 +01:00
Michael Friedrich a72a7b7c89
Merge pull request #5760 from Icinga/fix/http-client-bugs
Fix incorrect socket handling for the HTTP client
2017-12-08 12:51:50 +01:00
Michael Friedrich da056b052b
Merge pull request #5827 from Icinga/feature/replace-statsfunction-with-function
Replace StatsFunction with Function
2017-11-30 21:28:32 +01:00
Michael Friedrich a238613fdc
Merge pull request #5825 from Icinga/feature/boost-assign
Replace boost::assign::list_of with initializer lists
2017-11-30 21:20:46 +01:00
Gunnar Beutner a344f11e6c Replace StatsFunction with Function 2017-11-30 19:02:25 +01:00
Gunnar Beutner 83f17b5bfa Replace boost::assign::list_of with initializer lists 2017-11-30 18:09:38 +01:00
Gunnar Beutner 325e4a2fb9 Use nullptr instead of <Type>::Ptr() 2017-11-30 17:47:09 +01:00
Gunnar Beutner 3c60fbf75d Use std::vector::emplace_back instead of std::vector::push_back 2017-11-30 17:47:09 +01:00
Gunnar Beutner 2e87c280ed Use initializer lists instead of std::vector::push_back 2017-11-30 17:47:09 +01:00
Gunnar Beutner ebc11d41a5 Tidy up INITIALIZE_ONCE use in console.cpp a bit 2017-11-30 17:47:09 +01:00
Gunnar Beutner 9ce950b0f1 Replace boost::ref/boost::cref with std::ref/std::cref 2017-11-30 17:47:09 +01:00
Gunnar Beutner df8266631d Replace boost::tuple with std::tuple 2017-11-30 17:41:02 +01:00
Gunnar Beutner 6739023678 Dynamically create and destroy the timer thread 2017-11-30 17:41:02 +01:00
Gunnar Beutner 6d09efc907 Use std::shared_ptr instead of boost::shared_ptr 2017-11-30 17:41:00 +01:00
Gunnar Beutner 245feca0e7 Move the Timer::Holder class to timer.cpp 2017-11-30 17:39:22 +01:00
Gunnar Beutner 7d7eaa8dd3 Replace boost::thread with std::thread 2017-11-30 17:39:20 +01:00
Gunnar Beutner d5961bb76c Re-implement WrapFunction() using C++11 features 2017-11-29 11:53:45 +01:00
Gunnar Beutner 858873b940 Replace boost::bind/boost::function with std::bind/std::function 2017-11-27 15:15:11 +01:00
Gunnar Beutner 6b3931973e
Merge pull request #5555 from Icinga/feature/ecc-certs
Implement support for ECC certificates
2017-11-27 15:11:04 +01:00
Gunnar Beutner 1b4206e5b1
Merge pull request #5725 from Icinga/feature/proper-uuids
Use real UUIDs for Utility::NewUniqueID
2017-11-27 10:18:52 +01:00
Gunnar Beutner 52692a008e Fix incorrect socket handling for the HTTP client 2017-11-15 09:53:38 +01:00
Noah Hilverling c10f0a639b RingBuffer: Add CalculateRate()
refs #5750
2017-11-14 11:06:56 +01:00
Noah Hilverling 054faa54d5 Return bytes sent/written in SendMessage() and WriteStringToStream()
refs #5509
2017-11-14 08:18:23 +01:00
Noah Hilverling 2acaccd028 Fix that RingBuffer does not get updated if nothing is written
refs #5750
2017-11-13 16:17:59 +01:00
Lee Clemens 9fdfa5ee10 Handle mis-detection with clang on RHEL/CentOS 7
C++11 features available: BOOST_NO_CXX11_HDR_TUPLE

refs #5257
2017-11-08 08:34:45 +01:00
Gunnar Beutner 6f8b62333f Use real UUIDs for Utility::NewUniqueID 2017-11-07 13:53:04 +01:00
Noah Hilverling 3e8f78e2cc Process: Fix fork error handling
refs #5617
2017-10-23 11:01:42 +02:00
Noah Hilverling 7930ae5094 Process: Remove log message from child process 2017-10-23 11:01:16 +02:00
Gunnar Beutner f2d437e96c Implement support for migrating certificates to /var/lib/icinga2/certs
This commit includes documentation too.

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-10-20 14:06:02 +02:00
Michael Friedrich 9d68ae9f1f Merge pull request #5602 from Icinga/fix/config-validation-fails-on-windows-with-unprivileged-account-5515
Add windows process elevation and log message if user does not have privileges to read/write files
2017-10-13 16:31:12 +02:00
Michael Friedrich 0b1ce7111c Merge pull request #5231 from Al2Klimov/bugfix/failure-to-kill-check-command-after-exceeding-timeout-is-not-reported-4981
Report failure to kill check command after exceeding timeout
2017-10-13 13:57:26 +02:00
Michael Friedrich 9a04a99400 Merge pull request #5554 from Icinga/feature/cn-check-for-san
Add subjectAltName extension for all non-CA certificates
2017-10-10 17:50:01 +02:00
Michael Friedrich c0a3de64fb Fix match(), regex(), cidr_match() behaviour with MatchAll and empty arrays
fixes #5634
2017-09-29 14:45:15 +02:00
Noah Hilverling aab50f669c Add process elevation & log message if user does not have enough privileges
refs #5515
2017-09-22 10:25:17 +02:00
Noah Hilverling ea24af6590 SyslogLogger: Implement option to set syslog facility
fixes #3964
2017-09-20 14:09:51 +02:00
Gunnar Beutner 5179faceab Implement new script functions: path_exists, glob and glob_recursive 2017-09-18 13:59:03 +02:00
Gunnar Beutner 774936bfe8 Implement support for pki::UpdateCertificate messages
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 0ec07bce51 Implement support for updating client certificates
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner abdd4b307b Implement the 'ca list' and 'ca sign' CLI commands
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 510e2d622a Implement support for ticket-less certificate requests
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 344b047ea0 Move Base64 class into libbase
refs #5538
2017-09-12 12:52:49 +02:00
Gunnar Beutner 10691db5b1 Implement support for ECC certificates 2017-09-06 12:29:30 +02:00
Gunnar Beutner 3385122bc3 Add subjectAltName extension for all non-CA certificates 2017-09-06 12:25:36 +02:00